1/* Stack protector support.
2   Copyright (C) 2005 Free Software Foundation, Inc.
3
4This file is part of GCC.
5
6GCC is free software; you can redistribute it and/or modify it under
7the terms of the GNU General Public License as published by the Free
8Software Foundation; either version 2, or (at your option) any later
9version.
10
11In addition to the permissions in the GNU General Public License, the
12Free Software Foundation gives you unlimited permission to link the
13compiled version of this file into combinations with other programs,
14and to distribute those combinations without any restriction coming
15from the use of this file.  (The General Public License restrictions
16do apply in other respects; for example, they cover modification of
17the file, and distribution when not linked into a combine
18executable.)
19
20GCC is distributed in the hope that it will be useful, but WITHOUT ANY
21WARRANTY; without even the implied warranty of MERCHANTABILITY or
22FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
23for more details.
24
25You should have received a copy of the GNU General Public License
26along with GCC; see the file COPYING.  If not, write to the Free
27Software Foundation, 51 Franklin Street, Fifth Floor, Boston, MA
2802110-1301, USA.  */
29
30/* As a special exception, if you link this library with files compiled with
31   GCC to produce an executable, this does not cause the resulting executable
32   to be covered by the GNU General Public License. This exception does not
33   however invalidate any other reasons why the executable file might be
34   covered by the GNU General Public License.  */
35
36#include "config.h"
37#ifdef HAVE_ALLOCA_H
38# include <alloca.h>
39#endif
40#ifdef HAVE_STRING_H
41# include <string.h>
42#endif
43#ifdef HAVE_UNISTD_H
44# include <unistd.h>
45#endif
46#ifdef HAVE_FCNTL_H
47# include <fcntl.h>
48#endif
49#ifdef HAVE_PATHS_H
50# include <paths.h>
51#endif
52#ifndef _PATH_TTY
53# define _PATH_TTY "/dev/tty"
54#endif
55#ifdef HAVE_SYSLOG_H
56# include <syslog.h>
57#endif
58
59#include <stdlib.h>
60
61void *__stack_chk_guard = 0;
62
63static void __attribute__ ((constructor))
64__guard_setup (void)
65{
66  unsigned char *p;
67  int fd;
68
69  if (__stack_chk_guard != 0)
70    return;
71
72  fd = open ("/dev/urandom", O_RDONLY);
73  if (fd != -1)
74    {
75      ssize_t size = read (fd, &__stack_chk_guard,
76                           sizeof (__stack_chk_guard));
77      close (fd);
78      if (size == sizeof(__stack_chk_guard) && __stack_chk_guard != 0)
79        return;
80    }
81
82  /* If a random generator can't be used, the protector switches the guard
83     to the "terminator canary".  */
84  p = (unsigned char *) &__stack_chk_guard;
85  p[sizeof(__stack_chk_guard)-1] = 255;
86  p[sizeof(__stack_chk_guard)-2] = '\n';
87  p[0] = 0;
88}
89
90static void
91fail (const char *msg1, size_t msg1len, const char *msg3)
92{
93#ifdef __GNU_LIBRARY__
94  extern char * __progname;
95#else
96  static const char __progname[] = "";
97#endif
98  int fd;
99
100  /* Print error message directly to the tty.  This avoids Bad Things
101     happening if stderr is redirected.  */
102  fd = open (_PATH_TTY, O_WRONLY);
103  if (fd != -1)
104    {
105      static const char msg2[] = " terminated\n";
106      size_t progname_len, len;
107      char *buf, *p;
108
109      progname_len = strlen (__progname);
110      len = msg1len + progname_len + sizeof(msg2)-1 + 1;
111      p = buf = alloca (len);
112
113      memcpy (p, msg1, msg1len);
114      p += msg1len;
115      memcpy (p, __progname, progname_len);
116      p += progname_len;
117      memcpy (p, msg2, sizeof(msg2));
118
119      while (len > 0)
120        {
121          ssize_t wrote = write (fd, buf, len);
122          if (wrote < 0)
123            break;
124          buf += wrote;
125          len -= wrote;
126        }
127      close (fd);
128    }
129
130#ifdef HAVE_SYSLOG_H
131  /* Only send the error to syslog if there was no tty available.  */
132  else
133    syslog (LOG_CRIT, "%s", msg3);
134#endif /* HAVE_SYSLOG_H */
135
136  /* Try very hard to exit.  Note that signals may be blocked preventing
137     the first two options from working.  The use of volatile is here to
138     prevent optimizers from "knowing" that __builtin_trap is called first,
139     and that it doesn't return, and so "obviously" the rest of the code
140     is dead.  */
141  {
142    volatile int state;
143    for (state = 0; ; state++)
144      switch (state)
145        {
146        case 0:
147          __builtin_trap ();
148          break;
149        case 1:
150          *(volatile int *)-1L = 0;
151          break;
152        case 2:
153          _exit (127);
154          break;
155        }
156  }
157}
158
159void
160__stack_chk_fail (void)
161{
162  const char *msg = "*** stack smashing detected ***: ";
163  fail (msg, strlen (msg), "stack smashing detected: terminated");
164}
165
166void
167__chk_fail (void)
168{
169  const char *msg = "*** buffer overflow detected ***: ";
170  fail (msg, strlen (msg), "buffer overflow detected: terminated");
171}
172
173#ifdef HAVE_HIDDEN_VISIBILITY
174void
175__attribute__((visibility ("hidden")))
176__stack_chk_fail_local (void)
177{
178  __stack_chk_fail ();
179}
180#endif
181